Skip to content

cargo-audit reports that yaml-rust is unmaintained #553

Description

@stefano-garzarella

We are using this crate in https://github.com/rust-vmm/vhost-device/tree/main/vhost-device-vsock
We run cargo-audit in our CI which now is reporting that a dependency of this crate is unmaintained:

$ cargo audit
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 615 security advisories (from /home/stefano/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (177 crate dependencies)
Crate:     yaml-rust
Version:   0.4.5
Warning:   unmaintained
Title:     yaml-rust is unmaintained.
Date:      2024-03-20
ID:        RUSTSEC-2024-0320
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0320
Dependency tree:
yaml-rust 0.4.5
└── config 0.14.0
    └── vhost-device-vsock 0.1.0

warning: 1 allowed warning found

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions